Knowledge

Security and privacy challenges are top of mind for everyone, as the Internet of Things and mobile device (and associated application) adoption continues to permeate every major industry. I sat down with our security experts at ICSA Labs to learn more about what major security technology trends they see impacting businesses and their customers in 2015. Here’s what they had to say:

The Internet of Things will pose security risks: As more devices get connected to the Internet, the greater the security risk. For example, with the increased popularity of wearables, there is more data to protect. In the healthcare space alone, providers are struggling with managing and storing massive amounts of data and hackers are looking for ways to exploit security vulnerabilities in Internet-connected devices.

Mobile app security will continue to be a hot topic: Gartner recently predicted that 75 percent of mobile apps will fail testing in 2015, largely because there is minimal due diligence done for both corporate and personal apps. While some apps from highly-regulated companies undergo rigorous testing, most do not, creating potential security gaps and openings for vulnerabilities. As a result, we’re likely to see an increased focus on mobile app security.

BYOD security concerns will continue to plague IT departments: With an increasing amount of personal devices being connected to the corporate Wi-Fi, employers face a greater risk of vulnerabilities being introduced into their networks. For example, jail-broken or rooted devices, which are modified devices that give similar access to administrative permissions, have the potential to expose sensitive information to mobile apps that could exfiltrate the data to an offsite network.

Cloud providers will face more persistent attacks: As more data and information continues to get stored in the cloud, we can expect more persistent attacks against cloud providers.

State-sponsored attacks will continue to pose an enormous risk, particularly to critical infrastructure and national security. Financially-motivated cybercriminals are more organized than ever, and state-orchestrated attacks can now target a whole country’s network infrastructure, potentially exposing intellectual property (IP) and national security secrets.

Cyberrisk insurance will become more popular: As retailers and major organizations face data breaches, more will purchase cyber liability insurance to cover the costs associated with cyberattacks. As a result, more responses to data breaches will be managed by the insurance carriers’ claims processes versus governed by an organization’s own staff.

As an ONC-Authorized Certification Body (ONC-ACB) that is accredited to both test and certify Electronic Health Record (EHR) technology for the Office of the National Coordinator’s Health IT Certification Program, our program managers noted two specific cybersecurity trends in healthcare.

Interoperability will increase the number of data breaches: As federal requirements and incentives drive interoperability in healthcare, we expect to see more security threats penetrating connected systems. This could cause the industry to re-examine current security requirements around health information exchange and medical devices.

Malware will proliferate healthcare devices: Expect to see more malware issues for healthcare systems in 2015, especially as organizations deploy kiosks and similar technologies for consumer use. We predict that malware authors will start writing software to penetrate healthcare systems, just as the retail industry did for point-of-sale applications in the past two years.

To learn more about how your enterprise can address these and many other emerging security threats through certification and security testing, contact ICSA Labs at icsalabsinfo@icsalabs.com.